The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The 2.3 release includes three user interfaces, 46 exploits and 68 payloads; many of these exploits are either the only ones publicly available or just much more reliable than anything else out there. The Framework will run on any modern system that has a working Perl interpreter, the Windows installer includes a slimmed-down version of the Cygwin environment.
c269e25c970fbb8d2482b1888f1df1bc37b5f7847f620e03479383705a1fab6bVuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
4870e6983b70e9909e2ae89a7cb15714f797960b54cfa1683045de915d1f0cfaiTunes 4.7.1 fixes a buffer overflow in the parsing of m3u and pls playlist files that could allow earlier versions of iTunes to crash and execute arbitrary code.
1deb95f4b7c07396547d3dd6c730b8cd3a6db6e7340d812a379a4e5c91346804Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows XP and 2003, which can be exploited by malicious people to compromise a vulnerable system.
dbf21616a2deab6a07c994e593b5f70833fa631ad8916a4ac0f803672cab67e5Gentoo Linux Security Advisory GLSA 200501-22 - poppassd_pam allows anyone to change any user's password without authenticating the user first.
6d05e3d86615c281144c9c5f896689b19a0bbb03646df29f330f75046458c882This patch is for john the ripper and adds the ability to crack MS Cached Credential hashes. To be used in conjunction with the Cachedump tool.
8c79b96f0f0c2b4783f9968e7cff700eabea422aae592f1c2c9d3edc2f326e7eeEye Security Advisory - eEye Digital Security has discovered a vulnerability in USER32.DLL's handling of Windows animated cursor (.ani) files that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code.
275e5b4949a24a8547c74682fdeec54126ea87b623d08487cd69e083d0ae8d7aCacheDump is a tool that demonstrates how to recover cache entry information: username and hashed password (called MSCASH). This tool also explains the technical issues underneath Windows password cache entries, which are undocumented by Microsoft.
ab7690f54598c6254f09bbf76f2ad400a7fc3f5df5af80af2faed70120d1abbfHylaFAX hfaxd versions as far back as 4.0pl0 are vulnerable to unauthorized remote access when there are hosts.hfaxd entries without passwords.
c2b31ddd6a1c8036205a2b8f16f7743f7e8e3c1a17bebb71729bab5bac989e07Gentoo Linux Security Advisory GLSA 200501-19 - Multiple overflows have been found in the imlib2 library image decoding routines, potentially allowing the execution of arbitrary code.
4f9db68871a7e7bbb658f88b516840de2fa2ca790a5be6cd20861f59a6e66d66Greymatter 1.3 suffers from script insertion flaws due to a lack of input validation.
da1f5f42b079a3f9904b71392c248b088229d85558c51879520174534f21e8acSecunia Security Advisory - Multiple vulnerabilities have been reported in VideoDB, which can be exploited by malicious people to conduct SQL and cross-site scripting attacks, and bypass certain security restrictions.
970e0b13469ee2c892381de0453e10933c23928df528826b4088816a56b35c32SCO UnixWare mountd suffers from a denial of service vulnerability. Versions 7.1.4, 7.1.3, 7.1.1, and 7.0.1 are affected.
2abd68286135616dddfa95724b7ef045c27b565df8b1b2e6c23e36686593305eRemote buffer overflow exploit for the w3who.dll in Microsoft Windows 2000. Drops to a command shell.
791c811f7b49febb9fa1bb40a85b1ab1d9f1f2712120f52a797cf5c3770e9942Remote Microsoft Windows WINS exploit created by the Metasploit Framework.
389f409a7d45860686e46e3506c07570873310d3c58abcf4654df37406bd247eGentoo Linux Security Advisory GLSA 200501-17 - KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code if a user is enticed to view a malicious PDF file.
1f0ab629b747bfbdd86a5b215a393552c0fafac6783bb4f342a4797d376895fcSecunia Security Advisory - Multiple vulnerabilities have been reported in the Linux kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose sensitive information, or gain escalated privileges on a vulnerable system.
c0dd82a5bb0c958b5f47266b23dd94f4c61f638a7b134c4135341df3fa200669Gracebyte Network Assistant 3.x has been found susceptible to a denial of service attack.
5bbd512bc0dac550aa8835f61964fc5fc59612860368511ad276ce845d596e05Secunia Security Advisory - A vulnerability have been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).
7c66d4e403c231531bf6cf546835c7ef3e1568cffa0e9766a02aaaeb161dd9b9A thoroughly written white paper discussing how to defend web services using mod_security.
bff27e41da0ed96737c94d7f79f29f3432e83dda6ab0b1eed20e27122f946d50LSS Security Advisory #LSS-2005-01-03 - There is a privilege escalation and arbitrary file read vulnerability in ftpfile, the Squirrelmail Vacation plugin. Version 0.15 is affected. Detailed exploitation provided.
7688f4089c87f00981c0f9d4b007b41913c9605ad778a2cfa060942962b562f8LSS Security Advisory #LSS-2005-01-02 - The Apache module mod_auth_radius suffers from an integer overflow. All versions up to 1.5.4/1.5.7 are affected.
b3fc79d5d6b5d350e5fd36c5491d811daff89c0d3ff0d81ec9bd70677ec70c62LSS Security Advisory #LSS-2005-01-01 - Mod_dosevasive versions 1.9 and below suffer from symlink and race condition vulnerabilities.
838eedefa22b182946dfddafd995a4dfb27135851803dc06b7ea2e1f07c3ee16Debian Security Advisory 633-1 - Peter Samuelson, upstream maintainer of bmv, a PostScript viewer for SVGAlib, discovered that temporary files are created in an insecure fashion. A malicious local user could cause arbitrary files to be overwritten by a symlink attack.
11301d1f812720278d865041ac5780f60a061ad8a335e371bb3a2bf3cec20b58Remote stack overflow exploit for Veritas Backup Exec. Works for versions 9.1.4691.SP1, 9.1.4691.SP0, and 8.5.3572. Allows for a shell to be bound to port 101 or it spawn a reverse shell as well.
66d099090c243e36b9f7564b05d434f6f4b2b0d4406b819eb60322f646d6b2fc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed